This documentation is for WSO2 Identity Server 5.4.0. View documentation for the latest release.
OAuth2 Token Validation and Introspection - Identity Server 5.4.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

WSO2 Identity Server provides a SOAP service to validate the OAuth2 token it has issued, which can be used by the resource server.

However from these 2 methods, the recommended approach is to use the REST API given above.

If subject identifier in the token validation response needs to adhere to the "Use tenant domain in local subject identifier" and "Use user store domain in local subject identifier" configurations in service provider, uncomment below configuration in <IS_HOME>/repository/conf/identity/identity.xml.

<BuildSubjectIdentifierFromSPConfig>true</BuildSubjectIdentifierFromSPConfig>
  • Default value of this property is false.
  • If the value is false, subject identifier will be set as the fully qualified username.